sepa-mandates.braintreegateway.com
- PayPal, Inc. -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 0d:93:f9:81:59:e4:c2:9b:44:38:9b:e8:b6:d3:17:27 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
PayPal, Inc.
Company registration number:
3014267
Organization: PayPal, Inc.
Organization unit: Braintree Production
Organization: PayPal, Inc.
Organization unit: Braintree Production
State / Province:
California
Locality: San Jose
Country: US
Locality: San Jose
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:93:f9:81:59:e4:c2:9b:44:38:9b:e8:b6:d3:17:27Serial Number (int): 18048292151653519579409292298347026215
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: d6:e5:9f:3f:99:93:6d:c9:14:99:89:93:a9:02:a8:90:34:ee:0d:3a
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): eb:3c:a8:79:90:d8:14:6e:78:89:0b:54:95:ce:4c:cf:22:6c:bf:98
Fingerprint (sha256): 0a:f1:a4:c0:c2:03:23:a8:15:d6:63:5a:7d:68:09:e5:eb:9a:73:1f:8e:f2:39:de:35:9f:61:7d:51:43:1f:59
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate sepa-mandates.braintreegateway.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sepa-mandates.braintreegateway.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sepa-mandates.braintreegateway.com
Other certificates including the domain name braintreegateway.com
(limited to 100 certificates)
www.sandbox.paypal.com
api.sandbox.braintreegateway.com
id.sandbox.braintreegateway.com
origin-js.braintreegateway.com
panel.sandbox.braintreegateway.com
api.braintreegateway.com
forwarding.sandbox.braintreegateway.com
origin-js.braintreegateway.com
api.sandbox.braintreegateway.com
gateway-sand.sandbox.braintree-api.com
www.sandbox.paypal.com
origin-onboarding.braintreegateway.com
login.braintreegateway.com
venmosdk.braintreegateway.com
forwarding.braintreegateway.com
id.braintreegateway.com
api.sandbox.braintreegateway.com
apply.braintreegateway.com
forwarding.sandbox.braintreegateway.com
sepa-mandates.braintreegateway.com
panel.gateway.qa.braintreepayments.com
www.braintreegateway.com
checkout.paypal.com
venmosdk.sandbox.braintreegateway.com
www.braintreegateway.com
apply.braintreegateway.com
livingsocial.braintreegateway.com
www.paypal.com
www.sandbox.paypal.com
venmosdk.braintreegateway.com
api.sandbox.braintreegateway.com
www.braintreegateway.com
api.sandbox.braintreegateway.com
id.braintreegateway.com
panel.braintreegateway.com
forwarding.braintreegateway.com
www.braintreegateway.com
www.paypal.com
client-analytics.braintreegateway.com
www.sandbox.paypal.com
www.paypal.com
www.braintreegateway.com
sandbox.braintreegateway.com
api.braintreegateway.com
api.sandbox.braintreegateway.com
login.braintreegateway.com
checkout.paypal.com
id.sandbox.braintreegateway.com
sandbox.braintreegateway.com
login.braintreegateway.com
js.braintreegateway.com
rabbitmq.sand.braintreegateway.com
apply.braintreegateway.com
*.sandbox.braintreegateway.com
api.sandbox.braintreegateway.com
api.braintreegateway.com
rabbitmq.braintreegateway.com
origin-checkout.braintreegateway.com
id.sandbox.braintreegateway.com
www.paypal.com
panel.sandbox.braintreegateway.com
gateway.braintree-api.com
gstatic.sandbox.braintreegateway.com
gateway.braintree-api.com
login.braintreegateway.com
www.braintreegateway.com
api.braintreegateway.com
metrics.sandbox.braintreegateway.com
sandbox.braintreegateway.com
panel.qa.braintreegateway.com
www.braintreegateway.com
rabbitmq.sand.braintreegateway.com
sandbox.braintreegateway.com
client-analytics.braintreegateway.com
www.paypal.com
gstatic.braintreegateway.com
panel.braintreegateway.com
www.paypal.com
launchpad.braintreegateway.com
client-analytics.braintreegateway.com
gstatic.braintreegateway.com
*.braintreegateway.com
api.sandbox.braintreegateway.com
forwarding.braintreegateway.com
www.paypal.com
api.sandbox.braintreegateway.com
apply.braintreegateway.com
checkout.paypal.com
api.braintreegateway.com
www.braintreegateway.com
qa.braintreegateway.com
gateway.braintree-api.com
*.qa2.braintreegateway.com
qa2.braintreegateway.com
panel.sandbox.braintreegateway.com
gstatic.sandbox.braintreegateway.com
origin-js.braintreegateway.com
www.sandbox.paypal.com
api.braintreegateway.com
gstatic.sandbox.braintreegateway.com
api.sandbox.braintreegateway.com
id.sandbox.braintreegateway.com
origin-js.braintreegateway.com
panel.sandbox.braintreegateway.com
api.braintreegateway.com
forwarding.sandbox.braintreegateway.com
origin-js.braintreegateway.com
api.sandbox.braintreegateway.com
gateway-sand.sandbox.braintree-api.com
www.sandbox.paypal.com
origin-onboarding.braintreegateway.com
login.braintreegateway.com
venmosdk.braintreegateway.com
forwarding.braintreegateway.com
id.braintreegateway.com
api.sandbox.braintreegateway.com
apply.braintreegateway.com
forwarding.sandbox.braintreegateway.com
sepa-mandates.braintreegateway.com
panel.gateway.qa.braintreepayments.com
www.braintreegateway.com
checkout.paypal.com
venmosdk.sandbox.braintreegateway.com
www.braintreegateway.com
apply.braintreegateway.com
livingsocial.braintreegateway.com
www.paypal.com
www.sandbox.paypal.com
venmosdk.braintreegateway.com
api.sandbox.braintreegateway.com
www.braintreegateway.com
api.sandbox.braintreegateway.com
id.braintreegateway.com
panel.braintreegateway.com
forwarding.braintreegateway.com
www.braintreegateway.com
www.paypal.com
client-analytics.braintreegateway.com
www.sandbox.paypal.com
www.paypal.com
www.braintreegateway.com
sandbox.braintreegateway.com
api.braintreegateway.com
api.sandbox.braintreegateway.com
login.braintreegateway.com
checkout.paypal.com
id.sandbox.braintreegateway.com
sandbox.braintreegateway.com
login.braintreegateway.com
js.braintreegateway.com
rabbitmq.sand.braintreegateway.com
apply.braintreegateway.com
*.sandbox.braintreegateway.com
api.sandbox.braintreegateway.com
api.braintreegateway.com
rabbitmq.braintreegateway.com
origin-checkout.braintreegateway.com
id.sandbox.braintreegateway.com
www.paypal.com
panel.sandbox.braintreegateway.com
gateway.braintree-api.com
gstatic.sandbox.braintreegateway.com
gateway.braintree-api.com
login.braintreegateway.com
www.braintreegateway.com
api.braintreegateway.com
metrics.sandbox.braintreegateway.com
sandbox.braintreegateway.com
panel.qa.braintreegateway.com
www.braintreegateway.com
rabbitmq.sand.braintreegateway.com
sandbox.braintreegateway.com
client-analytics.braintreegateway.com
www.paypal.com
gstatic.braintreegateway.com
panel.braintreegateway.com
www.paypal.com
launchpad.braintreegateway.com
client-analytics.braintreegateway.com
gstatic.braintreegateway.com
*.braintreegateway.com
api.sandbox.braintreegateway.com
forwarding.braintreegateway.com
www.paypal.com
api.sandbox.braintreegateway.com
apply.braintreegateway.com
checkout.paypal.com
api.braintreegateway.com
www.braintreegateway.com
qa.braintreegateway.com
gateway.braintree-api.com
*.qa2.braintreegateway.com
qa2.braintreegateway.com
panel.sandbox.braintreegateway.com
gstatic.sandbox.braintreegateway.com
origin-js.braintreegateway.com
www.sandbox.paypal.com
api.braintreegateway.com
gstatic.sandbox.braintreegateway.com
Certificate
The complete raw certificate details for sepa-mandates.braintreegateway.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDzCCBPegAwIBAgIQDZP5gVnkwptEOJvottMXJzANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDMyNDAwMDAwMFoXDTIwMDMyNzEy MDAwMFowgfkxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF EwczMDE0MjY3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8G A1UEBxMIU2FuIEpvc2UxFTATBgNVBAoTDFBheVBhbCwgSW5jLjEdMBsGA1UECxMU QnJhaW50cmVlIFByb2R1Y3Rpb24xKzApBgNVBAMTInNlcGEtbWFuZGF0ZXMuYnJh aW50cmVlZ2F0ZXdheS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDuVManEYuyP+AqL0F65gNP9CE3iNy2oZgu3ltBr6Eb12Pyq3FsaiBmwWaAvYRV U/er+FTBr/20FF4EHnYscp5vA+V6ZsmqrFygBGB+b1vsfEmCO7DHW7XXP/PNAmC0 yEpy3YgU1EbUiaJIq0foicDrYHPpB5oxhVOvoK3qapC2my8i/a20QBvkTz9tt4uy sB3Qk1q9yGWyIWlCbL2M4JGxQTVUG2tXIRCcVFaOsJBCU0v+Mo4I1bAzRBANENw3 y9HY16ZUI967GKIEzKALZ+mKeVMmiqtZa73RZ6G+445PyGsH51pVwA4RxQqoWhEu yz0oNpHzpycVy2TEbaQS5OQBAgMBAAGjggIUMIICEDAfBgNVHSMEGDAWgBQ901Cl 1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQU1uWfP5mTbckUmYmTqQKokDTuDTow LQYDVR0RBCYwJIIic2VwYS1tYW5kYXRlcy5icmFpbnRyZWVnYXRld2F5LmNvbTAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUG A1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2 LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9z aGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAo BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwB ATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp Y2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv bS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQwDAYD VR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC AQEANRkQUmp5E06iSKDXwjaXzYpmg5aKlDI0DgzdJLCxwtIDsRdoBzP/FNBqD1Uz 9/+VI6FN8BuXuf2t+597nm8lAE5MkA+7MnsA6t6c9+XSRKX0o8u6hmyP3f0sDgv6 lMuEBnX67qLepKZdVZggGJiyArTdvVUALE63DXFe+XGU7EmjI2R9xSyfhlDxqTrT XWgFORHSp8UA+bqVHRJS56PFwOrXHrXzOc3XnRv80d6w3ZtWTXVjANFy9sNbwtBQ nUSWuURmrJz2bdrmctraVS+L+Vnrot83C9Tg+eBov6yOL2toD/nmK21GuPo9AjDS Mrj5CDjghjfXCV3FwEi4NjKHHw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lTGpxGLsj/gKi9BeuYD T/QhN4jctqGYLt5bQa+hG9dj8qtxbGogZsFmgL2EVVP3q/hUwa/9tBReBB52LHKe bwPlembJqqxcoARgfm9b7HxJgjuwx1u11z/zzQJgtMhKct2IFNRG1ImiSKtH6InA 62Bz6QeaMYVTr6Ct6mqQtpsvIv2ttEAb5E8/bbeLsrAd0JNavchlsiFpQmy9jOCR sUE1VBtrVyEQnFRWjrCQQlNL/jKOCNWwM0QQDRDcN8vR2NemVCPeuxiiBMygC2fp inlTJoqrWWu90WehvuOOT8hrB+daVcAOEcUKqFoRLss9KDaR86cnFctkxG2kEuTk AQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18048292151653519579409292298347026215 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-27 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3014267' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Jose' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PayPal, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Braintree Production' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sepa-mandates.braintreegateway.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30086521179073745480850092617338723272567239717329357792041974382344479303053153802883363831502140403707434415513065747197570396181155126199955198768904805826458612333073462303917744746690238398689062108355745461766148775108927990908100170580649575863141430735108976518520415538215538339920595065516796534727691097921867113401451406376238049140813961121039424124397809127299367214652037134250877095438967744967496372949441607393172267905591374471118754010856584045702793405192328791939577044127414128116250324344797932892822309254106725028219927282756155046593299484406133922213585258531208391607560073626626721899521 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d6e59f3f99936dc914998993a902a89034ee0d3a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sepa-mandates.braintreegateway.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00351910526a79134ea248a0d7c23697cd8a6683968a9432340e0cdd24b0b1c2d203b117680733ff14d06a0f5533f7ff9523a14df01b97b9fdadfb9f7b9e6f25004e4c900fbb327b00eade9cf7e5d244a5f4a3cbba866c8fddfd2c0e0bfa94cb840675faeea2dea4a65d5598201898b202b4ddbd55002c4eb70d715ef97194ec49a323647dc52c9f8650f1a93ad35d68053911d2a7c500f9ba951d1252e7a3c5c0ead71eb5f339cdd79d1bfcd1deb0dd9b564d756300d172f6c35bc2d0509d4496b94466ac9cf66ddae672dada552f8bf959eba2df370bd4e0f9e068bfac8e2f6b680ff9e62b6d46b8fa3d0230d232b8f90838e08637d7095dc5c048b83632871f